CYBER CRIME AND SECURITY
P.V.SubbaReddy
3rd year-CSE
SRM University,
Chennai.
Mobile no:9444153735
ABSTRACT:
Although the terms computer crime and cybercrime are more properly restricted to describing
criminal activity in which the computer or network is a necessary part of the crime, they are also
sometimes used to include traditional crimes, such as fraud, theft, blackmail, forgery, and
embezzlement, in which computers or networks are used. As the use of computers has grown,
computer crime has become more important.
Computer crime can broadly be defined as criminal activity involving an information technology
infrastructure, including illegal access (unauthorized access), illegal interception (by technical
means of non-public transmissions of computer data to, from or within a computer system), data
interference (unauthorized damaging, deletion, deterioration, alteration or suppression of
computer data), systems interference (interfering with the functioning of a computer system
INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH, ICCTER - 2014
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT www.iaetsd.in
139
ISBN: 378-26-138420-01
by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer
data), misuse of devices, forgery (ID theft), and electronic fraud.
Computer crime issues have become high-profile, particularly those surrounding hacking,
copyright infringement through warez, child pornography, and child grooming. There are also
problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.
CONTENTS:
Cyber crime
Specific computer crimes
o Spam
o Phishing
o Fraud
o Obscene or offensive content
o Harassment
o Drug trafficking
o Cyberterrorism
Documented cases
Security
Approaches
Some techniques
Applications
Conclusion.
References
CYBER CRIME:
Why learn about cybercrime?
Because:
– Everybody is using computers.
– From white-collar criminals to terrorist organizations, and from teenagers to adults.
– Conventional crimes like forgery, extortion, kidnapping, etc. are being committed with the
help of computers.
– A new generation is growing up with computers.
– MOST IMPORTANT: monetary transactions are moving on to the Internet.
Computer crime, cybercrime, e-crime, hi-tech crime or electronic crime generally refers to
criminal activity where a computer or network is the source, tool, target, or place of a crime.
Computer crime encompasses a broad range of potentially illegal activities. Generally, however, it
may be divided into two categories:
(1) crimes that target computer networks or devices directly;
(2) crimes facilitated by computer networks or devices, the primary target of which is
independent of the computer network or device.
Examples of crimes that primarily target computer networks or devices include:
– Malware and malicious code
– Denial-of-service attacks
– Computer viruses
Examples of crimes that merely use computer networks or devices include:
– Cyber stalking
– Fraud and identity theft
– Phishing scams
– Information warfare
A common example is when a person steals information from sites, or causes damage to a
computer or computer network. This can be entirely virtual in that the information only exists in
digital form, and the damage, while real, has no physical consequence other than that the machine
ceases to function. In some legal systems, intangible property cannot be stolen and the damage
must be visible, e.g. as resulting from a blow from a hammer. Where human-centric terminology
is used for crimes relying on natural language skills and innate gullibility, definitions have to be
modified to ensure that fraudulent behavior remains criminal no matter how it is committed.
A computer can be a source of evidence. Even though the computer is not directly used for
criminal purposes, it is an excellent device for record keeping, particularly given the power to
encrypt the data. If this evidence can be obtained and decrypted, it can be of great value to
criminal investigators.
In the news:
– 1 out of 5 children received a sexual solicitation or approach over the Internet in a one-year
period of time (www.missingchildren.com)
– California warns of massive ID theft – personal data stolen from computers at University
of California, Berkeley (Oct 21, 2004 IDG news service)
– Microsoft and Cisco announced a new initiative to work together to increase internet
security (Oct 18, 2004 www.cnetnews.com)
Cyber attack: customer information misappropriated through unauthorised access to
privileged systems or other electronic means.
For example:
– through tapping the ATM/POS network connection cables,
– hacking into the network computer.
SPECIFIC COMPUTER CRIMES:
USING MALWARE:
Malware: Malware is malicious software - deliberately created and specifically designed to
damage, disrupt or destroy network services, computer data and software.
There are several types:
Computer virus: program which can copy itself and surreptitiously infect another computer,
often via shared media such as a floppy disk, CD, thumb drive, shared directory, etc. Viruses are
always embedded within another file or program.
Worm: self-reproducing program which propagates via the network.
Trojan horse: program which purports to do one thing, but secretly does something else;
example: free screen saver which installs a backdoor
Root kit: set of programs designed to allow an adversary to surreptitiously gain full
control of a targeted system while avoiding detection and resisting removal, with the
emphasis being on evading detection and removal
Botnet: set of compromised computers ("bots" or "zombies") under the unified command
and control of a "botmaster;" commands are sent to bots via a command and control
channel (bot commands are often transmitted via IRC, Internet Relay Chat).
Spyware: assorted privacy-invading/browser-perverting programs
Malware: an inclusive term for all of the above -- "malicious software"
Example: David Smith and the Melissa virus
Spam
Spam, or the unsolicited sending of bulk email for commercial purposes, is unlawful to varying
degrees. As applied to email, specific anti-spam laws are relatively new; however, limits on
unsolicited electronic communications have existed in some forms for some time. Spam
originating in India accounted for one percent of all spam originating in the top 25
spam-producing countries, making India the eighteenth ranked country worldwide for originating spam.
Phishing
Phishing is a technique used by strangers to "fish" for information about you, information that
you would not normally disclose to a stranger, such as your bank account number, PIN, and
other personal identifiers such as your National Insurance number. These messages often contain
company/bank logos that look legitimate and use flowery or legalistic language about improving
security by confirming your identity details.
1. Fraud
Computer fraud is any dishonest misrepresentation of fact intended to induce another to do or
refrain from doing something which causes loss. In this context, the fraud will result in obtaining
a benefit by:
– altering computer input in an unauthorized way. This requires little technical expertise
and is not an uncommon form of theft by employees altering the data before entry or
entering false data, or by entering unauthorized instructions or using unauthorized
processes;
– altering, destroying, suppressing, or stealing output, usually to conceal unauthorized
transactions: this is difficult to detect;
– altering or deleting stored data; or
– altering or misusing existing system tools or software packages, or altering or writing
code for fraudulent purposes. This requires real programming skills and is not common.
Other forms of fraud may be facilitated using computer systems, including bank fraud, identity
theft, extortion, and theft of classified information (Csonka, 2000).
2. Obscene or offensive content
The content of websites and other electronic communications may be distasteful, obscene or
offensive for a variety of reasons. In some instances these communications may be illegal.
Many jurisdictions place limits on certain speech and ban racist, blasphemous, politically
subversive, libelous or slanderous, seditious, or inflammatory material that tends to incite hate
crimes.
The extent to which these communications are unlawful varies greatly between countries, and
even within nations. It is a sensitive area in which the courts can become involved in arbitrating
between groups with entrenched beliefs.
3. Harassment
Whereas content may be offensive in a non-specific way, harassment directs obscenities and
derogatory comments at specific individuals focusing for example on gender, race, religion,
nationality, sexual orientation. This often occurs in chat rooms, through newsgroups, and by
sending hate e-mail to interested parties (see cyber bullying, cyber stalking, harassment by
computer, hate crime, Online predator, and stalking). Any comment that may be found
derogatory or offensive is considered harassment.
4. Drug trafficking
Drug traffickers are increasingly taking advantage of the Internet to sell their illegal substances
through encrypted e-mail and other Internet Technology. Some drug traffickers arrange deals at
internet cafes, use courier Web sites to track illegal packages of pills, and swap recipes for
amphetamines in restricted-access chat rooms. The rise in Internet drug trades could also be
attributed to the lack of face-to-face communication. These virtual exchanges allow more
intimidated individuals to more comfortably purchase illegal drugs. The sketchy effects that are
often associated with drug trades are severely minimized and the filtering process that comes
with physical interaction fades away. Furthermore, traditional drug recipes were carefully kept
secrets. But with modern computer technology, this information is now being made available to
anyone with computer access.
5. Cyberterrorism
Government officials and information technology security specialists have documented a
significant increase in Internet problems and server scans since early 2001. There is a growing
concern among federal officials that such intrusions are part of an organized effort by
cyberterrorists, foreign intelligence services, or other groups to map potential security holes in
critical systems. A cyberterrorist is someone who intimidates or coerces a government or
organization to advance his or her political or social objectives by launching computer-based
attacks against computers, networks, and the information stored on them.
Cyberterrorism, in general, can be defined as an act of terrorism committed through the use of
cyberspace or computer resources (Parker 1983). As such, simple propaganda on the Internet
claiming that there will be bomb attacks during the holidays can be considered cyberterrorism.
At worst, cyberterrorists may use the Internet or computer resources to carry out an actual attack.
There are also hacking activities directed towards individuals and families, organised by groups
within networks, which tend to cause fear among people, demonstrate power, and collect
information relevant for ruining people's lives, robberies, blackmail, etc.
1. Documented cases
The Yahoo! website was attacked at 10:30 PST on Monday, 7 February 2000. The attack
lasted three hours. Yahoo was pinged at the rate of one gigabyte/second.
On 3 August 2000, Canadian federal prosecutors charged MafiaBoy with 54 counts of
illegal access to computers, plus a total of ten counts of mischief to data for his attacks on
Amazon.com, eBay, Dell Computer, Outlaw.net, and Yahoo.
MafiaBoy had also attacked other websites, but prosecutors decided that a total of 66
counts was enough. MafiaBoy pleaded not guilty. About fifty computers at Stanford
University, and also computers at the University of California at Santa Barbara, were
amongst the zombie computers sending pings in DDoS attacks.
On 26 March 1999, the Melissa worm infected a document on a victim's computer, then
automatically sent that document and a copy of the virus via e-mail to other people.
21 January 2003: Two years' jail for UK virus writer who infected 27,000 PCs.
CRIME SECURITY:
Computer security is a branch of technology known as
information security as applied to computers and networks. The objective of computer security
includes protection of information and property from theft, corruption, or natural disaster, while
allowing the information and property to remain accessible and productive to its intended users.
SOME APPROACHES:
Here are several approaches to security in computing; sometimes a combination of approaches is
valid:
1. Trust all the software to abide by a security policy but the software is not trustworthy
(this is computer insecurity).
2. Trust all the software to abide by a security policy and the software is validated as
trustworthy (by tedious branch and path analysis for example).
3. Trust no software but enforce a security policy with mechanisms that are not trustworthy
(again this is computer insecurity).
4. Trust no software but enforce a security policy with trustworthy mechanisms.
HARDWARE MECHANISMS THAT PROTECT COMPUTERS AND DATA:
Hardware based or assisted computer security offers an alternative to software-only computer
security. Devices such as dongles may be considered more secure due to the physical access
required in order to be compromised.
While many software based security solutions encrypt the data to prevent data from being stolen,
a malicious program may corrupt the data in order to make it unrecoverable or unusable.
Hardware-based security solutions can prevent read and write access to data and hence offer
very strong protection against tampering.
SECURE OPERATING SYSTEMS:
One use of the term computer security refers to technology to implement a secure operating
system. Much of this technology is based on science developed in the 1980s and used to produce
what may be some of the most impenetrable operating systems ever. Though still valid, the
technology is in limited use today, primarily because it imposes some changes to system
management and also because it is not widely understood. Such ultra-strong secure operating
systems are based on operating system kernel technology that can guarantee that certain security
policies are absolutely enforced in an operating environment. An example of such a computer
security policy is the Bell-LaPadula model. The strategy is based on a coupling of special
microprocessor hardware features, often involving the memory management unit, to a special
correctly implemented operating system kernel. This forms the foundation for a secure operating
system which, if certain critical parts are designed and implemented correctly, can ensure the
absolute impossibility of penetration by hostile elements. This capability is enabled because the
configuration not only imposes a security policy, but in theory completely protects itself from
corruption. Ordinary operating systems, on the other hand, lack the features that assure this
maximal level of security. The design methodology to produce such secure systems is precise,
deterministic and logical.
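The Bell-LaPadula policy named above comes down to two checks that a reference monitor applies on every access: no read up and no write down. The sketch below is an added example, not part of the original paper; the labels, object names and the simplification that a subject's current level equals its clearance are assumptions.

```python
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Label:
    level: Level
    categories: frozenset = frozenset()   # need-to-know compartments

    def dominates(self, other):
        # A label dominates another if its level is at least as high
        # and it holds every compartment of the other label.
        return self.level >= other.level and self.categories >= other.categories


class ReferenceMonitor:
    """Mediates every access and records each decision for audit."""

    def __init__(self):
        self.objects = {}   # name -> (Label, content)
        self.audit = []     # (subject, operation, object, allowed)

    def create(self, name, label, content=""):
        self.objects[name] = (label, content)

    def _decide(self, subject, op, name, allowed):
        self.audit.append((subject, op, name, allowed))
        if not allowed:
            raise PermissionError(f"{op} of {name} by {subject} denied")

    def read(self, subject, clearance, name):
        label, content = self.objects[name]
        # Simple security property: no read up.
        self._decide(subject, "read", name, clearance.dominates(label))
        return content

    def write(self, subject, clearance, name, content):
        label, _ = self.objects[name]
        # *-property: no write down, so subverted code cannot leak data.
        self._decide(subject, "write", name, label.dominates(clearance))
        self.objects[name] = (label, content)


def trojan_scenario():
    """A subverted editor at SECRET{ops} tries to copy data to lower objects."""
    rm = ReferenceMonitor()
    ops = frozenset({"ops"})
    rm.create("plans", Label(Level.SECRET, ops), "constructed secret text")
    rm.create("public_notes", Label(Level.UNCLASSIFIED))
    rm.create("archive", Label(Level.TOP_SECRET, frozenset({"ops", "intel"})))
    rm.create("intel_report", Label(Level.SECRET, frozenset({"intel"})))
    editor = Label(Level.SECRET, ops)

    stolen = rm.read("editor", editor, "plans")              # same label: allowed
    attempts = [
        lambda: rm.write("editor", editor, "public_notes", stolen),  # write down
        lambda: rm.write("editor", editor, "archive", stolen),       # write up
        lambda: rm.read("editor", editor, "archive"),                # read up
        lambda: rm.read("editor", editor, "intel_report"),           # incomparable
    ]
    for attempt in attempts:
        try:
            attempt()
        except PermissionError:
            pass
    return rm.audit


if __name__ == "__main__":
    for entry in trojan_scenario():
        print(entry)
```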
If the operating environment is not based on a secure operating system capable of maintaining a
domain for its own execution, and capable of protecting application code from malicious
subversion, and capable of protecting the system from subverted code, then high degrees of
security are understandably not possible. While such secure operating systems are possible and
have been implemented, most commercial systems fall in a 'low security' category because they
rely on features not supported by secure operating systems (like portability, et al.). In low
security operating environments, applications must be relied on to participate in their own
protection. There are 'best effort' secure coding practices that can be followed to make an
application more resistant to malicious subversion.
In commercial environments, the majority of software subversion vulnerabilities result from a
few known kinds of coding defects. Common software defects include buffer overflows, format
string vulnerabilities, integer overflow, and code/command injection.
Some common languages such as C and C++ are vulnerable to all of these defects (see Seacord,
"Secure Coding in C and C++"). Other languages, such as Java, are more resistant to some of
these defects, but are still prone to code/command injection and other software defects which
facilitate subversion.
Recently another bad coding practice has come under scrutiny: dangling pointers. The first
known exploit for this particular problem was presented in July 2007. Before this publication the
problem was known but considered to be academic and not practically exploitable.
In summary, 'secure coding' can provide significant payback in low security operating
environments, and is therefore worth the effort. Still, there is no known way to provide a reliable
degree of subversion resistance with any degree or combination of 'secure coding.'
CAPABILITIES VS. ACLS:
Within computer systems, the two fundamental means of enforcing privilege separation are
access control lists (ACLs) and capabilities. The semantics of ACLs have been proven to be
insecure in many situations (e.g., the confused deputy problem). It has also been shown that ACL's
promise of giving access to an object to only one person can never be guaranteed in practice.
Both of these problems are resolved by capabilities. This does not mean practical flaws exist in
all ACL-based systems, but only that the designers of certain utilities must take responsibility to
ensure that they do not introduce flaws.
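The confused deputy problem mentioned above is easiest to see side by side: the same service is driven once with a file name checked against an ACL and once with a capability handed over by the client. This toy model is an added example, not part of the original paper; the file store, principals and paths are hypothetical.

```python
class Denied(Exception):
    """Raised when the ACL refuses an operation."""


class FileStore:
    """In-memory files; acl maps path -> principals allowed to write."""

    def __init__(self):
        self.data, self.acl = {}, {}

    def create(self, path, writers, content=""):
        self.data[path] = content
        self.acl[path] = set(writers)

    def write(self, principal, path, text, append=False):
        # ACL semantics: the decision depends only on WHO is asking,
        # not on whose behalf the request is made.
        if principal not in self.acl.get(path, ()):
            raise Denied(f"{principal} may not write {path}")
        self.data[path] = (self.data[path] if append else "") + text

    def open_for_write(self, principal, path):
        # Authority is checked once, against the party that names the file.
        if principal not in self.acl.get(path, ()):
            raise Denied(f"{principal} may not open {path}")
        return WriteCap(self, path)


class WriteCap:
    """Capability: designates one file and carries the authority to write it."""

    def __init__(self, store, path):
        self._store, self._path = store, path

    def write(self, text, append=False):
        old = self._store.data[self._path] if append else ""
        self._store.data[self._path] = old + text


BILLING = "/var/billing.log"     # hypothetical paths
ALICE_OUT = "/home/alice/a.out"


def fresh_store():
    store = FileStore()
    store.create(BILLING, {"compiler"}, "previous records\n")
    store.create(ALICE_OUT, {"alice", "compiler"})
    return store


def compile_acl(store, source, out_path):
    """Deputy running as 'compiler'; the client supplies only a file NAME."""
    store.write("compiler", out_path, f"object code for {source}\n")
    store.write("compiler", BILLING, "1 job billed\n", append=True)


def compile_cap(billing_cap, source, out_cap):
    """Same deputy; the client must pass a capability it already holds."""
    out_cap.write(f"object code for {source}\n")
    billing_cap.write("1 job billed\n", append=True)


def acl_scenario():
    """Alice names the billing log as her output; the deputy's ACL entry allows it."""
    store = fresh_store()
    compile_acl(store, "hello.c", BILLING)
    return store.data[BILLING]


def capability_scenario():
    """Alice cannot obtain a capability for the billing log, so she cannot name it."""
    store = fresh_store()
    billing_cap = store.open_for_write("compiler", BILLING)  # granted at install time
    try:
        out_cap = store.open_for_write("alice", BILLING)
    except Denied:
        out_cap = store.open_for_write("alice", ALICE_OUT)
    compile_cap(billing_cap, "hello.c", out_cap)
    return store.data[BILLING], store.data[ALICE_OUT]


if __name__ == "__main__":
    print(repr(acl_scenario()))
    print(capability_scenario())
```

In the ACL run the earlier billing records are lost because the deputy's own permission answers a request that originated with the client; in the capability run designation and authority travel together, so the request cannot be expressed at all.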
Capabilities have been mostly restricted to research operating systems and commercial OSs still
use ACLs. Capabilities can, however, also be implemented at the language level, leading to a
style of programming that is essentially a refinement of standard object-oriented design. An open
source project in the area is the E language.
First the Plessey System 250 and then the Cambridge CAP computer demonstrated the use of
capabilities, both in hardware and software, in the 1970s. A reason for the lack of adoption of
capabilities may be that ACLs appeared to offer a 'quick fix' for security without pervasive
redesign of the operating system and hardware.
The most secure computers are those not connected to the Internet and shielded from any
interference. In the real world, the greatest security comes from operating systems where security
is not an add-on, such as OS/400 from IBM. This almost never shows up in lists of vulnerabilities,
for good reason. Years may elapse between one problem needing remediation and the next.
APPLICATIONS:
IN AVIATION
The aviation industry is especially important when analyzing computer security because the
involved risks include human life, expensive equipment, cargo, and transportation infrastructure.
Security can be compromised by hardware and software malpractice, human error, and faulty
operating environments. Threats that exploit computer vulnerabilities can stem from sabotage,
espionage, industrial competition, terrorist attack, mechanical malfunction, and human error. The
consequences of a successful deliberate or inadvertent misuse of a computer system in the
aviation industry range from loss of confidentiality to loss of system integrity, which may lead to
more serious concerns such as data theft or loss, network and air traffic control outages, which in
turn can lead to airport closures, loss of aircraft, loss of passenger life. Military systems that
control munitions can pose an even greater risk.
NOTABLE SYSTEM ACCIDENTS:
In 1994, over a hundred intrusions were made by unidentified hackers into the Rome Laboratory,
the US Air Force's main command and research facility. Using trojan horse viruses, hackers were
able to obtain unrestricted access to Rome's networking systems and remove traces of their
activities. The intruders were able to obtain classified files, such as air tasking order systems data
and furthermore able to penetrate connected networks of National Aeronautics and Space
Administration's Goddard Space Flight Center, Wright-Patterson Air Force Base, some
Defense contractors, and other private sector organizations, by posing as a trusted Rome center
user. Now, a technique called Ethical hack testing is used to remediate these issues.
Electromagnetic interference is another threat to computer safety and in 1989, a United States
Air Force F-16 jet accidentally dropped a 230 kg bomb in West Georgia after unspecified
interference caused the jet's computers to release it.
A similar telecommunications accident also happened in 1994, when two UH-60 Blackhawk
helicopters were destroyed by F-15 aircraft in Iraq because the IFF system's encryption system
malfunctioned.
TERMINOLOGY:
The following terms used in engineering secure systems are explained below.
Authentication techniques can be used to ensure that communication end-points are who
they say they are.
Automated theorem proving and other verification tools can enable critical algorithms
and code used in secure systems to be mathematically proven to meet their specifications.
Capability and access control list techniques can be used to ensure privilege separation
and mandatory access control.
Chain of trust techniques can be used to attempt to ensure that all software loaded has
been certified as authentic by the system's designers.
Cryptographic techniques can be used to defend data in transit between systems, reducing
the probability that data exchanged between systems can be intercepted or modified.
Firewalls can provide some protection from online intrusion.
Mandatory access control can be used to ensure that privileged access is withdrawn when
privileges are revoked. For example, deleting a user account should also stop any
processes that are running with that user's privileges.
Secure cryptoprocessors can be used to leverage physical security techniques into
protecting the security of the computer system.
Microkernels can be reliable against errors, e.g. EROS and Coyotos.
Some of the following items may belong to the computer insecurity article:
Anti-virus software consists of computer programs that attempt to identify, thwart and
eliminate computer viruses and other malicious software (malware).
Cryptographic techniques involve transforming information, scrambling it so it becomes
unreadable during transmission. The intended recipient can unscramble the message, but
eavesdroppers cannot.
Backups are a way of securing information; they are another copy of all the important
computer files kept in another location. These files are kept on hard disks, CD-Rs, CD-
RWs, and tapes. Suggested locations for backups are a fireproof, waterproof, and heat
proof safe, or in a separate, offsite location than that in which the original files are
contained. Some individuals and companies also keep their backups in safe deposit boxes
inside bank vaults. There is also a fourth option, which involves using one of the file
hosting services that backs up files over the Internet for both business and individuals.
Encryption is used to protect the message from the eyes of others. It can be done in
several ways by switching the characters around, replacing characters with others, and
even removing characters from the message. These have to be used in combination to
make the encryption secure enough, that is to say, sufficiently difficult to crack. Public
key encryption is a refined and practical way of doing encryption. It allows for example
anyone to write a message for a list of recipients, and only those recipients will be able to
read that message.
Firewalls are systems which help protect computers and computer networks from attack
and subsequent intrusion by restricting the network traffic which can pass through them,
based on a set of system administrator defined rules.
Honey pots are computers that are either intentionally or unintentionally left vulnerable to
attack by crackers. They can be used to catch crackers or fix vulnerabilities.
Intrusion-detection systems can scan a network for people that are on the network but
who should not be there or are doing things that they should not be doing, for example
trying a lot of passwords to gain access to the network.
Pinging: the ping application can be used by potential crackers to find if an IP address is
reachable. If a cracker finds a computer they can try a port scan to detect and attack
services on that computer.
Social engineering awareness: keeping employees aware of the dangers of social
engineering and/or having a policy in place to prevent social engineering can reduce
successful breaches of the network and servers.
File Integrity Monitors are tools used to detect changes in the integrity of systems and
files.
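The intrusion-detection entry above gives "trying a lot of passwords" as its example; the following detector applies a sliding-window threshold per source address to login records. It is an added example, not part of the original paper; the log lines are constructed (OpenSSH-style messages with ISO timestamps and documentation IP ranges) and the threshold and window values are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log, assumed to be in chronological order.
SAMPLE_LOG = """\
2014-03-01T10:00:01 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
2014-03-01T10:00:04 sshd[811]: Failed password for root from 203.0.113.7 port 40113 ssh2
2014-03-01T10:00:05 sshd[812]: Failed password for alice from 198.51.100.20 port 51000 ssh2
2014-03-01T10:00:09 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40114 ssh2
2014-03-01T10:00:12 sshd[812]: Accepted password for alice from 198.51.100.20 port 51001 ssh2
2014-03-01T10:00:15 sshd[811]: Failed password for invalid user test from 203.0.113.7 port 40115 ssh2
2014-03-01T10:00:21 sshd[811]: Failed password for root from 203.0.113.7 port 40116 ssh2
2014-03-01T10:02:00 sshd[813]: Failed password for bob from 192.0.2.55 port 60001 ssh2
2014-03-01T10:05:00 sshd[813]: Failed password for bob from 192.0.2.55 port 60002 ssh2
2014-03-01T10:08:00 sshd[813]: Failed password for bob from 192.0.2.55 port 60003 ssh2
2014-03-01T10:11:00 sshd[813]: Failed password for bob from 192.0.2.55 port 60004 ssh2
2014-03-01T10:14:00 sshd[813]: Failed password for bob from 192.0.2.55 port 60005 ssh2
2014-03-01T10:14:30 sshd[814]: Accepted password for root from 203.0.113.7 port 40117 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def detect_password_guessing(lines, threshold=5, window=timedelta(seconds=60)):
    """Alert once per source IP that reaches `threshold` failures inside `window`.

    A later successful login from an alerted IP is recorded on the alert,
    because it may mean one of the guesses worked.
    """
    recent = defaultdict(deque)   # ip -> (timestamp, user) failures still in window
    alerts = {}                   # ip -> alert record
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # unrelated or malformed line
        ts, ip, user = datetime.fromisoformat(m["ts"]), m["ip"], m["user"]
        if m["result"] == "Accepted":
            if ip in alerts and alerts[ip]["success_after"] is None:
                alerts[ip]["success_after"] = user
            continue
        failures = recent[ip]
        failures.append((ts, user))
        # Drop failures that have aged out of the window.
        while ts - failures[0][0] > window:
            failures.popleft()
        if len(failures) >= threshold and ip not in alerts:
            alerts[ip] = {
                "ip": ip,
                "first": failures[0][0].isoformat(),
                "last": ts.isoformat(),
                "failures": len(failures),
                "users": sorted({u for _, u in failures}),
                "success_after": None,
            }
    return list(alerts.values())


if __name__ == "__main__":
    for alert in detect_password_guessing(SAMPLE_LOG.splitlines()):
        print(alert)
```

The slow source (one failure every three minutes) and the user who mistypes once stay below the threshold, which shows both the false-positive control and the blind spot of a pure rate rule.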
CONCLUSION:
Computer security is critical in almost any technology-driven industry which
operates on computer systems. Computer security can also be referred to as computer
safety. The issues of computer-based systems and addressing their countless
vulnerabilities are an integral part of maintaining an operational industry.